Mirror/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2024-11-16 08:58:30 +01:00
Code Issues Projects Releases Packages Wiki Activity
CyberChef/src/core/operations/DefangURL.mjs

103 lines
2.8 KiB
JavaScript
Raw Normal View History

Create DefangURL.mjs
2018-10-16 21:02:39 +02:00
/**
* @author arnydo [arnydo@protonmail.com]
Added various options to the 'Defang URL' operation.
2018-11-07 14:23:05 +01:00
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2018
Create DefangURL.mjs
2018-10-16 21:02:39 +02:00
* @license Apache-2.0
*/
Imports now specify the file extension to support Node v12
2019-07-09 13:23:59 +02:00
import Operation from "../Operation.mjs";
import {URL_REGEX, DOMAIN_REGEX} from "../lib/Extract.mjs";
Create DefangURL.mjs
2018-10-16 21:02:39 +02:00
/**
* DefangURL operation
*/
class DefangURL extends Operation {
/**
* DefangURL constructor
*/
constructor() {
super();
this.name = "Defang URL";
Added various options to the 'Defang URL' operation.
2018-11-07 14:23:05 +01:00
this.module = "Default";
this.description = "Takes a Universal Resource Locator (URL) and 'Defangs' it; meaning the URL becomes invalid, neutralising the risk of accidentally clicking on a malicious link.<br><br>This is often used when dealing with malicious links or IOCs.<br><br>Works well when combined with the 'Extract URLs' operation.";
this.infoURL = "https://isc.sans.edu/forums/diary/Defang+all+the+things/22744/";
Create DefangURL.mjs
2018-10-16 21:02:39 +02:00
this.inputType = "string";
this.outputType = "string";
Added various options to the 'Defang URL' operation.
2018-11-07 14:23:05 +01:00
this.args = [
{
name: "Escape dots",
type: "boolean",
value: true
},
{
name: "Escape http",
type: "boolean",
value: true
},
{
name: "Escape ://",
type: "boolean",
value: true
},
{
name: "Process",
type: "option",
value: ["Valid domains and full URLs", "Only full URLs", "Everything"]
}
];
Create DefangURL.mjs
2018-10-16 21:02:39 +02:00
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
Added various options to the 'Defang URL' operation.
2018-11-07 14:23:05 +01:00
const [dots, http, slashes, process] = args;
switch (process) {
case "Valid domains and full URLs":
input = input.replace(URL_REGEX, x => {
return defangURL(x, dots, http, slashes);
});
input = input.replace(DOMAIN_REGEX, x => {
return defangURL(x, dots, http, slashes);
});
break;
case "Only full URLs":
input = input.replace(URL_REGEX, x => {
return defangURL(x, dots, http, slashes);
});
break;
case "Everything":
input = defangURL(input, dots, http, slashes);
break;
}
return input;
Create DefangURL.mjs
2018-10-16 21:02:39 +02:00
}
}
Added various options to the 'Defang URL' operation.
2018-11-07 14:23:05 +01:00
/**
* Defangs a given URL
*
* @param {string} url
* @param {boolean} dots
* @param {boolean} http
* @param {boolean} slashes
* @returns {string}
*/
function defangURL(url, dots, http, slashes) {
if (dots) url = url.replace(/\./g, "[.]");
if (http) url = url.replace(/http/gi, "hxxp");
if (slashes) url = url.replace(/:\/\//g, "[://]");
return url;
}
Create DefangURL.mjs
2018-10-16 21:02:39 +02:00
export default DefangURL;
Reference in a new issue Copy permalink